This week: a DeepSeek browser-only ransomware path, AI pen testing trust dropped, Mustang Panda targeted India, Tata breach ...
The original incomplete DeepSeek sample can be transformed into a fully functional attack with minimal effort,' Check Point researcher tells The Reg ...
An "agentic threat actor" successfully exploited a Langflow flaw to steal data from a production database server and encrypt ...
Attackers exploited Langflow vulnerability CVE-2025-3248 to conduct an agentic AI-powered ransomware attack involving reconnaissance, credential theft, and lateral movement.
The first AI agent ran a ransomware attack end to end, signaling a shift to machine-speed cyberattacks and autonomous defense ...
Sysdig says JADEPUFFER is the first known agentic ransomware attack, showing how AI agents could automate familiar security ...
Researchers at Sysdig say they found "a warning sign" of where ransomware attacks are heading.
Sysdig says JADEPUFFER may be the first agentic ransomware case, exposing how AI agents can turn old credential failures into database destruction. JADEPUFFER is a warning about exposed AI ...
Explore the latest news and expert commentary on Application Security, brought to you by the editors of Dark Reading ...
Researchers at Nebula Security have disclosed GhostLock ( CVE-2026-43499 ), a 15-year-old Linux kernel flaw that lets any logged-in user take full root control of a machine that has not been patched.
A new Android malware operation called RedWing is being rented out on Telegram as a ready-made bank-fraud service. It lets even low-skill criminals take over a victim's phone, steal their banking ...